Page 174 - How Cloud Computing Is Transforming Business and Why You Cant Afford to Be Left Behind
P. 174
MANA GEMENT STRATEGIES F O R THE CL OUD R EV OL UTION
vulnerability. There are frequently many moving parts in a vir-
tual machine, including code libraries and middleware as well
as the application and its operating system. Thousands of end
users are building their own Amazon Machine Images (AMIs),
with operating systems that may or may not have the latest pro-
tective measures. Depending on the skill with which they’ve
been written, applications offer their own avenues of attack
through buffer overflows, SQL injection, and other forms of at-
tack where malicious code is entered in place of the names,
dates, and other familiar information. Applications can be com-
posed to protect against such intrusions, but have they been
in every instance in the cloud? Who polices all this activity?
Amazon provides instructions on how to build an AMI and
urges prospective customers to also use their own precautions.
“Your listing will show up on the site after a quick review by
AWS,” says the Web page Amazon Web Services, Submit an
AMI (http://developer.amazonwebservices.com/connect/
kbcategory/.jspa?categoryID=116). How much critical scrutiny
is included in that “quick review”?
In the cloud, these virtual machines are going to reside on
the same physical server as yours. This is widely viewed as a
safe practice within a self-contained corporate data center, but
will the same be said of operations outside its walls a few years
from now? The online MIT Technology Review, in its October
23, 2009 report “Vulnerability Seen in Amazon’s Cloud Com-
puting,” said that a study had concluded that it was technically
feasible for a skilled agent to put a virtual machine into EC2
on the same server as one occupied by someone on whom it
wishes to snoop. Virtual machines have IP addresses that are
154
